26 June 2020

INTERVIEW with Ramsés Gallego, cyber-security expert: Technology should not be used to spy or counterattack other countries, but to create a great society

Andreea Soare

Ramsés Gallego, the Spanish cyber-security expert and, currently, Security, Risk and Governance International Director at Micro Focus, stated, in an interview for the Defence and Security Monitor, that the 5G technology, despite the critics raised especially during the COVID-19 pandemic, will continue and he advised governments investing and producing this technology not to use it to spy or counterattack other countries, but to create a great society.

Image source: Mediafax

The cyber-security expert, Ramsés Gallego, currently Security, Risk and Governance International Director at Micro Focus, talked, in an exclusive interview for the Defence and Security Monitor, about the cyber-security learned lessons after the COVID-19 pandemic, the necessary innovations in the cyber space and the long-disputed 5G technology.

We are presenting you the entire interview:

Reporter: The pandemic makes us adapt to new social, political and economic realities, but it should also make us rethink the cyberspace. From your point of view, which are the innovations that should be brought to the cyber space, after this coronavirus crisis, to increase security?

Ramsés Gallego: It is instrumental that we take the opportunity of this post-pandemic era (if such a thing exists, anyway) to embrace new dimensions for cybersecurity. I feel that the name of the game now should be not just ‘digital transformation’ but ‘radical innovation’, doing different things… differently. And by that I mean enhancing the assurance that someone is who she/he says she/he is; now that millions of us are working from home -and some statistics indicate that 40% of employees will never be back to the office again-, it is fundamental to embrace advanced authentication as one pillar for making sure that the right people are connecting to the right resources.

Besides, a great deal of applications have never been designed to support the workload of thousands (or tens of thousands) of users accessing remotely. Consequently, these applications will be slow, will not respond effectively… and the time has come to test the applications and harden its security posture not just from the point of view of responsiveness but also for the robustness of the code. Many companies are accelerating their ‘Cloud journey’ and it is imperative that they know for sure that the code is solid, flawless, using open source libraries that are updated and with no vulnerabilities. The discipline of Application Security seems critical to my eyes, these days.

Furthermore, we are facing times where providing full control and visibility on what’s happening on an environment might mean the difference between success and failure, breached or protected. This is why the topic on Security Operations (SecOps) and its newest ‘flavor’, Next-Gen SecOps, is on CISO’s minds. The unique opportunity of (super) correlating information from different sources, different feeds to create ‘a single instance of the truth’ that can identity, prevent, protect and respond in real-time to the threats businesses are facing.

All that, in short, means to think differently and adapt and adopt new approaches in cybersecurity: ‘Radical Innovation’ is the name of the game.

Reporter:  How did the COVID-19 pandemic change the cybersecurity environment in general, from your perspective, and which should be the new threats we should watch out for?

Ramsés Gallego: Unfortunately, cybercriminals do not stop. Whether with or without the pandemic, offenders see that there is business in hacking people and money to be made out of the fear, uncertainty, lack of knowledge of the people. I understand that different generations would react differently to some emails promising a vaccine for COVID-19… or would be more or less sensitive to some (fake) information about some new symptoms… Consequently, the bad guys are using this as a way to hack into people’s devices and steal sensitive information that can be sold or get access to credit card data stored in the devices.

The attacks known as BEC (Business Email Compromise), the one where a cybercriminal impersonates as an executive of a company after compromising -hence, the name- the corporate email system and them urges someone in accounting or finance to do a bank transfer or, otherwise, the business might have a problem. Who would say ‘no’ to a high official in the company that is actually sending an official email?.

Attacks such as cryptojacking (involving cryptocurrencies) will go on as well the ones known as ‘Living Off the Land’ (using features -not vulnerabilities but actually functions of applications). It is amazing how criminals can use tools and instructions already built in Cloud and commercial applications to hack into people’s systems.

Finally, the threats coming from afar, from different regions of the world, the ones that are VERY difficult to prosecute will be a new norm, unfortunately. What is know as ‘false flag attacks’ will become ‘the next normal’ and it will have implications for geopolitics and geostrategy.

Reporter: Do any crisis plans and policies concerning the use of information, equipment and remote working need to be amended?

Ramsés Gallego: Absolutely. How many contingency plans considered the possibility of hundreds of thousands, millions of people working remotely overnight? Very few. How many business continuity plans were ready for having people using their (limited) infrastructure at home to connect securely to the corporate systems? And, on top of that, how many companies had a communications plan to go public on their tactics for a pandemic? I did not see many of them during the first weeks… and that’s the answer to your question: companies were not ready (which I can understand) but were very slow to react (which I tend to dislike because that means that they were not doing a proper job on caring about people and data).

It is fundamental that we understand that ‘next normal’ and act accordingly. There are many dimensions of the type of work (social, economic,…) and the impact will be huge on different markets (from the real estate one to the  infrastructure arena). Who is going to take care of the cost of the infrastructure of millions of workers accessing from home? And what about the solutions that are needed from a security perspective? Are they going to be deployed in my personal computer at home?

And what happens when the next ‘big thing’ occurs? (call it COVID-23, nuclear disaster, etc.). Which are the civil, social, economic protocols that we will have to follow if when that happens?

Reporter: Will the approach of European regulators be any different during and post Covid-19 crises?

Ramsés Gallego: I hope so. I trust that someone in the European Commission is now thinking what’s next and how we are going to approach it. New policies and procedures are needed, new coordination -and agreement instead of disagreement- is needed from what it should a ONE Europe (that was the idea at beginning, wasn’t it?).

A solid and robust approach is needed since, I feel, something else will happen… and we have to be ready and avoid the chaos, confusion and suffering that this has created.

Reporter:  Which would be the top 3 cybersecurity lessons from the pandemic?

Ramsés Gallego: The first one should be: get ready, think out of the box, expect the unexpected… since it will happen again

The second lesson would be: follow the rules, stay calm, stick with the guidance and procedures established (as long as they exist and this takes me back to my previous answer on the responsibility of governments of the world)

The third lesson is: use technology to your advantage. The pandemic has shown us a lot of lessons (some of them, really hard ones). But using technology (and research, if properly funded) can save the day. The times that we are living have proved that a lot can be done remotely (videoconferencing, teaching, meetings,…) and that’s something not of a fashion or trend but a reality that will stay. A change in society for the decades to come.

Reporter:  People around the world have started to be increasingly concerned with the development of the 5G technology, as a result of the massive fake news emerged lately in the online space. Do you think that these developments are affecting the processes started months ago related to the implementation of the 5G technology? What would you advise governments to do in such situations?

Ramsés Gallego: 5G represents a gigantic leap in communications and trillions of money have been invested to make it a reality. This will not go away. It might have been delayed or slowed down (which I am sure, in any case) but 5G and its promise will capitalize precisely on what has happened and how the world has reacted to the pandemic times (more connections, more information, more entertainment, more bits and bytes going back and forth).

As a consequence, 5G will go on and the question will remain (as before COVID-19) who leads the way, which country is better prepared for the challenge… and, then, who is not. Again, the political implications and the opportunity for ‘world dominance’ (apologies for such an aggressive term but there is an angle for that in all this) are massive.

My advise to governments is two-fold: on one side, addressing the governments that are deploying the technology, make sure that it’s safe, that it has no backdoors, that one can TRUST the technology and its deployment. Secondly, addressing the governments who are leading the way on investing and developing the technology… do the right thing. I might sound naive and even romantic… but the pandemic has shown us enough pain and we should not use technology to spy or counterattack other countries but to create a great society, to connect humanity, to minimizing the pain and enhancing people’s lives.